Users from IAM (Syncope) on Talend Data Stewardship.

Hello,

In the Talend documentation it is written that the Talend Identity and Access Management "allow you to manage the user access to Talend Data Preparation and Talend Data Stewardship.".

Consequently, I created a User with a password inside a Group in Syncope (http://hostSyncope:8080/syncope-console) and I created a file "tds-client.json" in <myTomcat>/clients with the following content :

I also checked my data-stewardship.properties file (Segment "### Talend IDP : id/secret for each application") to see if the client_id and the client_secret where the same.

Unfortunatly, when I try to connect to Talend Data Stewardship (http://localhost:8080/idp/federation/up/login) with the user I created in Syncope (http://hostSyncope:8080/syncope-console), I have an "Authentication failed" error.

What am I supposed to do to enable the user I created in Syncope to have an access to Talend Data Stewardship ?

Re: Users from IAM (Syncope) on Talend Data Stewardship.

Hi,

Talend IAM is used as a "bridge" between TAC and Data Preparation/Data Stewardship so that we have single sign-on between Prep and Stewardship (and other web UIs later on). So the interest of defining the links between IAM and Data Stewardship is ... to be able to connect to Data Stewardship with the users defined in TAC.

And the rights of the users in Data Stewardship (or Data Preparation) are defined in TAC, not in Talend IAM. Again, to be as explicit as possible: you do not have to and you must not do anything in Syncope's UI to create Data Stewardship users or groups or to manage their rights. Everything happens in TAC.

Re: Users from IAM (Syncope) on Talend Data Stewardship.

Hello,

Thanks but I already know how to create this kind of user. I just want to know how to use the IAM (Syncope) according to the Talend Documentation : "... Talend Identity and Access Management that allow you to manage the user access to Talend Data Preparation and Talend Data Stewardship."

Re: Users from IAM (Syncope) on Talend Data Stewardship.

Hello,

Ok, I cannot create users with Syncope but can I use it to manage (defining rights on) the users I created in the TAC ? What is the interest of adding links (by creating a file "tds-client.json" in <myTomcat>/clients) between IAM and Data Stewardship ?

Re: Users from IAM (Syncope) on Talend Data Stewardship.

Hi,

Talend IAM is used as a "bridge" between TAC and Data Preparation/Data Stewardship so that we have single sign-on between Prep and Stewardship (and other web UIs later on). So the interest of defining the links between IAM and Data Stewardship is ... to be able to connect to Data Stewardship with the users defined in TAC.

And the rights of the users in Data Stewardship (or Data Preparation) are defined in TAC, not in Talend IAM. Again, to be as explicit as possible: you do not have to and you must not do anything in Syncope's UI to create Data Stewardship users or groups or to manage their rights. Everything happens in TAC.